Summary
| Detail | |||
|---|---|---|---|
| Vendor | Microsoft | First view | 2008-07-07 |
| Product | Groove | Last view | 2011-09-15 |
| Version | 2007 | Type | |
| Update | |||
| Edition | |||
| Language | |||
| Sofware Edition | |||
| Target Software | |||
| Target Hardware | |||
| Other | |||
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
| CPE Name | Affected CVE |
|---|---|
| cpe:2.3:a:microsoft:groove:2007:sp2:*:*:*:*:*:* | 2 |
| cpe:2.3:a:microsoft:groove:2007:*:*:*:*:*:*:* | 1 |
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 4 | 2011-09-15 | CVE-2011-1892 | Microsoft Office Groove 2007 SP2, SharePoint Workspace 2010 Gold and SP1, Office Forms Server 2007 SP2, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Office Groove Data Bridge Server 2007 SP2, Office Groove Management Server 2007 SP2, Groove Server 2010 Gold and SP1, Windows SharePoint Services 3.0 SP2, SharePoint Foundation 2010, and Office Web Apps 2010 Gold and SP1 do not properly handle Web Parts containing XML classes referencing external entities, which allows remote authenticated users to read arbitrary files via a crafted XML and XSL file, aka "SharePoint Remote File Disclosure Vulnerability." |
| 9.3 | 2010-08-27 | CVE-2010-3146 | Multiple untrusted search path vulnerabilities in Microsoft Groove 2007 SP2 allow local users to gain privileges via a Trojan horse (1) mso.dll or (2) GroovePerfmon.dll file in the current working directory, as demonstrated by a directory that contains a Groove vCard (.vcg) or Groove Tool Archive (.gta) file, aka "Microsoft Groove Insecure Library Loading Vulnerability." |
| 7.5 | 2008-07-07 | CVE-2008-3068 | Microsoft Crypto API 5.131.2600.2180 through 6.0, as used in Outlook, Windows Live Mail, and Office 2007, performs Certificate Revocation List (CRL) checks by using an arbitrary URL from a certificate embedded in a (1) S/MIME e-mail message or (2) signed document, which allows remote attackers to obtain reading times and IP addresses of recipients, and port-scan results, via a crafted certificate with an Authority Information Access (AIA) extension. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 100% (1) | CWE-200 | Information Exposure |
Oval Markup Language : Definitions
| OvalID | Name |
|---|---|
| oval:org.mitre.oval:def:12632 | Microsoft Groove Insecure Library Loading Vulnerability |
| oval:org.mitre.oval:def:11910 | DEPRECATED: Untrusted search path vulnerability in Microsoft Office Groove 2007 |
| oval:org.mitre.oval:def:12907 | SharePoint Remote File Disclosure Vulnerability |
SAINT Exploits
| Description | Link |
|---|---|
| Microsoft Office Groove Insecure Library Loading | More info here |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 75392 | Microsoft SharePoint XML File Arbitrary File Disclosure |
| 75381 | Microsoft SharePoint XML / XSL File Handling Unspecified Arbitrary File Discl... |
| 67484 | Microsoft Office Groove Path Subversion Arbitrary DLL Injection Code Execution |
| 47004 | Microsoft Crypto API S/MIME X.509 Certificate CRL Check Remote Information Di... |
ExploitDB Exploits
| id | Description |
|---|---|
| 17873 | File disclosure via XEE in SharePoint 2007/2010 and DotNetNuke < 6 |
OpenVAS Exploits
| id | Description |
|---|---|
| 2011-09-14 | Name : Microsoft SharePoint Multiple Privilege Escalation Vulnerabilities (2451858) File : nvt/secpod_ms11-074.nasl |
| 2011-03-09 | Name : Microsoft Groove Remote Code Execution Vulnerability (2494047) File : nvt/secpod_ms11-016.nasl |
| 2010-09-29 | Name : Microsoft Office Products Insecure Library Loading Vulnerability File : nvt/secpod_ms_office_prdts_insecure_lib_load_vuln.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2011-B-0115 | Multiple Vulnerabilities in Microsoft Office SharePoint Severity: Category II - VMSKEY: V0030239 |
| 2011-B-0034 | Microsoft Groove Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0026092 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | Microsoft Office SharePoint XML external entity exploit attempt RuleID : 20115 - Type : SERVER-WEBAPP - Revision : 10 |
| 2014-01-10 | Microsoft Groove GroovePerfmon.dll dll-load exploit attempt RuleID : 19315 - Type : OS-WINDOWS - Revision : 13 |
| 2014-01-10 | Groove GroovePerfmon.dll dll-load exploit attempt RuleID : 19314 - Type : OS-WINDOWS - Revision : 12 |
| 2014-01-10 | Microsoft Groove mso.dll dll-load exploit attempt RuleID : 18500 - Type : OS-WINDOWS - Revision : 19 |
| 2014-01-10 | Microsoft Groove mso.dll dll-load exploit attempt RuleID : 18499 - Type : OS-WINDOWS - Revision : 17 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2011-09-14 | Name: The remote host is affected by multiple privilege escalation and information ... File: smb_nt_ms11-074.nasl - Type: ACT_GATHER_INFO |
| 2011-03-08 | Name: Arbitrary code can be executed on the remote host through Microsoft Office. File: smb_nt_ms11-016.nasl - Type: ACT_GATHER_INFO |
